Good article on why secure online voting is such a maddeningly difficult challenge, and why it’s really not ready for use, no matter what vendors may say.
The paradox of ensuring both verifiability and anonymity in internet voting has frustrated security researchers for decades.
The history of elections in the United States — to say nothing of how elections have proceeded in other, less democratic countries — demonstrates the importance of maintaining the secret ballot. In order to rule out corruption to the greatest extent possible, elections must feature what Stanford University computer science professor David Dill, a Verified Voting board member, calls “non-coercibility, or receipt-freeness,” which is the inability of a person to prove to anyone else how they voted. “I should be able,” Dill said, “to lie to them about the presidential candidate that I voted for, to defeat their bribing me or threatening me to get me to vote a particular way.” If bribery is possible, it will happen. Thus, in this most important of political activities, bribery must be made impossible.
But election administrators lose something when their internet voting platforms disentangle ballot data from the identity of the people casting those ballots. “When you have the requirement for anonymity,” said Daniel Zimmerman, a security researcher at the technology firm Galois, “you have a lot less audit data that you can work with.”